i do not know what is causing these cpu spikes, is there a way to find out what in wordpress is causing it, do you have any recommendations to stop these cpu spikes, the cpu spikes a seriously affecting my website and i want to stop it from happening

Most people will say that “this must be caused by one of your plugin”, because as far as everyone understood, Wordpress’ core module is much stable upon its release (unless you using their beta version, and also if there’s any)

For starter, please look back at what you’ve just done to your site. By look back, I mean thinking of any changes that you have done, like (of course) installing plugin, settings, performing pentesting like detectify or something similar. You name it.

Or perhaps it’s neither you nor Wordpress fault at all, but rather your site is under “attack” by someone. In this case, then you may need additional protection to your site, like Wordfence or using Cloudflare (I’d recommend Wordfence if you weren’t the one who set up DNS’es between your site and domain name)

it is also possible that some bot or person continuously send a request to server
in that period

my website url is: https://nicholasjoseytdb.rf.gd/-home but i don’t know if you will be able to access it at the moment as its currently suspended by infinityfree for going over cpu limits and the infinityfree website suspension is also causing issues with my websites ssl certificate only when my website gets suspended by infinityfree, ssl certificate runs fine when my website is running normally

@Joo_Nath said:
Most people will say that “this must be caused by one of your plugin”, because as far as everyone understood, Wordpress’ core module is much stable upon its release (unless you using their beta version, and also if there’s any)

For starter, please look back at what you’ve just done to your site. By look back, I mean thinking of any changes that you have done, like (of course) installing plugin, settings, performing pentesting like detectify or something similar. You name it.

Or perhaps it’s neither you nor Wordpress fault at all, but rather your site is under “attack” by someone. In this case, then you may need additional protection to your site, like Wordfence or using Cloudflare (I’d recommend Wordfence if you weren’t the one who set up DNS’es between your site and domain name)

@Joo_Nath said:
Most people will say that “this must be caused by one of your plugin”, because as far as everyone understood, Wordpress’ core module is much stable upon its release (unless you using their beta version, and also if there’s any)

For starter, please look back at what you’ve just done to your site. By look back, I mean thinking of any changes that you have done, like (of course) installing plugin, settings, performing pentesting like detectify or something similar. You name it.

Or perhaps it’s neither you nor Wordpress fault at all, but rather your site is under “attack” by someone. In this case, then you may need additional protection to your site, like Wordfence or using Cloudflare (I’d recommend Wordfence if you weren’t the one who set up DNS’es between your site and domain name)

i already have wordfence installed and set up

So what would you do?

If you have many plugins, I suggest you to disable any unnecessary plugins and only enable the important ones.